Slashdot Mirror


The Kremlin's Remote-Access Credentials Left Thousands Of Businesses Exposed For Years (zdnet.com)

A Dutch security researcher says he found credentials for the Russian government's backdoor account for accessing servers of businesses operating in Russia, ZDNet reports: The researcher says that after his initial finding, he later found the same "admin@kremlin.ru" account on over 2,000 other MongoDB databases that had been left exposed online, all belonging to local and foreign businesses operating in Russia. Examples include databases belonging to local banks, financial institutions, big telcos, and even Disney Russia.... "The first time I saw these credentials was in the user table of a Russian Lotto website," Victor Gevers told ZDNet in an interview Monday. "I had to do some digging to understand that the Kremlin requires remote access to systems that handle financial transactions....

"All the systems this password was on were already fully accessible to anyone," Gevers said. "The MongoDB databases were deployed with default settings. So anyone without authentication had CRUD [Create, Read, Update and Delete] access."

"It took a lot of time and also many attempts to contact and warn the Kremlin about this issue," the researcher added -- specifically, three years, five months and 15 days. The Kremlin reused the same credentials "everywhere," reports IT News, "leaving a large number of businesses open to access from the internet."

Long-time Slashdot reader Bismillah calls it "an illustration of the dangers of giving governments backdoors into systems and networks."

  1. "Admin@kremlin.ru"?? Seriously??? by Archtech · Score: 0, Troll

    Because obviously Mr Putin personally uses those backdoors every day - right from his desk in the Kremlin. It's just like the thousands of Web sites worldwide that have backdoor accounts named "Admin@Whitehouse.gov" or "Admin@CIA.gov".

    By the way, I wonder who authorised this "Dutch researcher" to poke around inside 2,000 Web sites located in Russia? Imagine, if you will, that a "Russian researcher" was found to have done the same to over 2,000 sites in the USA. For further credit, try to imagine the headlines, the speeches, the bursting-with-indignation resolutions in Congress...

    --
    I am sure that there are many other solipsists out there.